AI description
CVE-2025-20029 is a command injection vulnerability found in F5's BIG-IP, specifically impacting iControl REST and the TMOS Shell (tmsh). This vulnerability allows authenticated attackers, possessing even low-level privileges, to execute arbitrary system commands by sending specially crafted requests through iControl REST remotely or via crafted tmsh commands locally. Successful exploitation could enable attackers to create or delete files, and potentially escalate privileges to root. This vulnerability is a control plane issue and does not expose the data plane. Affected BIG-IP versions include 15.1.0 through 15.1.10, 16.1.0 through 16.1.5, and 17.1.0 through 17.1.2. F5 has addressed this vulnerability and recommends upgrading to versions 15.1.10.6, 16.1.5.2, 17.1.2.1, or later. This vulnerability has been classified as CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). As of today, February 24, 2025, there are no reports of this vulnerability being actively exploited in the wild. However, given the potential impact, it is crucial to apply the necessary updates as soon as possible.
- Description
- Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
- Source
- f5sirt@f5.com
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- f5sirt@f5.com
- CWE-78
- Hype score
- Not currently trending
🚨 ¡Más de 1,000 servidores BIG-IP en México expuestos! (afectando Bancos/GOB/EDU) ⚠️ El CVE-2025-20029 permite escalar privilegios y ejecución remota de comandos. 🔥 ¡PoC recientemente publicada, el riesgo es inminente! 🔍 Hasta el momento se han identificado más de mil… ht
@tpx_Security
1 Mar 2025
474 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
1 Quote
F5 BIG-IPの脆弱性 PoCがリリース(CVE-2025-20029) #セキュリティ対策Lab #セキュリティ #Security https://t.co/3gNjGBcWNa
@securityLab_jp
28 Feb 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20029: Command Injection in F5 BIG-IP, 8.8 rating❗️ The vulnerability allows an attacker to escalate privileges, execute arbitrary commands, Read more.... Search at https://t.co/eIOqQkUaH1: 👉 Link: https://t.co/Z19t91lWH2 #BugBounty #Trending #Cybersecurity https://t.c
@dannyabebe2025
27 Feb 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20029: Command injection of TMSH CLI in F5 BIG-IP https://t.co/qud3n039eq https://t.co/qefJnGvCzv
@freedomhack101
27 Feb 2025
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-20029: Command Injection Flaw Discovered in F5 BIG-IP System, PoC Releases 🎯2.3m+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔥PoC: https://t.co/OPzh7Q4VXr 🔗FOFA Link:https://t.co/pTLpgAh0HY FOFA Query:app="f5-BIGIP"… https://t.co/gpBJVab3TF
@fofabot
27 Feb 2025
2763 Impressions
16 Retweets
58 Likes
30 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Command Injection Flaw in F5 BIG-IP System 📅 Timeline: Disclosure: 2025-01-24, Patch: 2025-01-31 🆔cveId: CVE-2025-20029 📊baseScore: 8.8 📏cvssMetrics: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvssSeverity: High 🟠 🛠️exploitMaturity: Proof-of-Concept… h
@syedaquib77
27 Feb 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20029: Command Injection Flaw Discovered in F5 BIG-IP System, PoC Releases https://t.co/iLhD1NFAwu
@Dinosn
27 Feb 2025
7703 Impressions
64 Retweets
163 Likes
45 Bookmarks
1 Reply
0 Quotes
CVE-2025-20029: Command Injection Flaw Discovered in F5 BIG-IP System, PoC Releases Explore CVE-2025-20029, the command injection vulnerability in F5 BIG-IP that affects multiple versions of the system https://t.co/ecSldbYvzT
@the_yellow_fall
27 Feb 2025
2283 Impressions
17 Retweets
43 Likes
15 Bookmarks
0 Replies
0 Quotes
به تازگی برای (TMSH) مربوط به F5 BIG-IP آسیب پذیری با کد شناسایی CVE-2025-20029 از نوع command injection منتشر شده است. این آسیب پذیری به هکرها امکان اجرای کامند با دسترسی پایین و ارتقای سطح دسترسی به یوزر root را می دهد. https://t.co/Poz3aKY03t https://t.co/osCvrPdkwd
@AmirHossein_sec
26 Feb 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20029: Command injection of TMSH CLI in F5 BIG-IP https://t.co/i0SyN3BdBX
@momika233
26 Feb 2025
1088 Impressions
6 Retweets
24 Likes
9 Bookmarks
0 Replies
0 Quotes
F5のBIG-IPに深刻な脆弱性(CVE-2025-20029, CVSS 8.8)が発覚しPoCコードが公開される。iControl REST APIとtmshのコマンド処理の不備により認証済みの攻撃者がroot権限でコマンド実行できる。攻撃者はシェルメタ文字の注入を利用して制限を回避し、バックドア設置や設定改ざんが可能。… https://t.co/kE6GDEzLAW
@yousukezan
25 Feb 2025
1718 Impressions
0 Retweets
10 Likes
6 Bookmarks
0 Replies
1 Quote
CVE-2025-20029 is a command injection vulnerability in F5 BIG-IP's iControl REST, allowing authenticated attackers with low privileges to execute system commands. A PoC demonstrating remote code execution via the 'tmsh' CLI is available on GitHub; https://t.co/VADGa4s9aV
@GrimmAnalyst
24 Feb 2025
67 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
GitHub - mbadanoiu/CVE-2025-20029: CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP - https://t.co/mN57mioFjp
@piedpiper1616
24 Feb 2025
3763 Impressions
34 Retweets
77 Likes
32 Bookmarks
0 Replies
0 Quotes
[CVE-2025-20029: HIGH] Critical command injection vulnerability in iControl REST & BIG-IP TMOS Shell save command can lead to execution of system commands by authenticated attackers. Note: EoTS versions not inclu...#cybersecurity,#vulnerability https://t.co/HfZy9jIPps https:/
@CveFindCom
5 Feb 2025
44 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20029 Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow an authenticated attacker to execute arbitrary syst… https://t.co/QGhI906VpN
@CVEnew
5 Feb 2025
171 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes